You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shiro.apache.org by "Hari Sekhon (JIRA)" <ji...@apache.org> on 2017/07/18 10:55:00 UTC
[jira] [Created] (SHIRO-631) Principal mapping rules similar to
Hadoop's auth_to_local
Hari Sekhon created SHIRO-631:
---------------------------------
Summary: Principal mapping rules similar to Hadoop's auth_to_local
Key: SHIRO-631
URL: https://issues.apache.org/jira/browse/SHIRO-631
Project: Shiro
Issue Type: New Feature
Components: Authentication (log-in), Authorization (access control) , Realms
Environment: HDP 2.6 + Kerberos + AD LDAP multi-domain forest
Reporter: Hari Sekhon
Priority: Blocker
Feature Request to add principal mapping rules similar to Hadoop's auth_to_local.
This will allow munging pincipals and rule based remappings to differentiate duplicate users in multi-domain Active Directory forests where the LDAP results returned from the global catalog include duplicate usernames which need to be translated with a prefix/suffix in order to differentiate between domains to prevent users from different domains sharing logins, permissions etc.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)